Amavis gives you an interface between mail servers (MTAs such as Postfix or DoveCot) and mail filters (ClamAV, SpamAssassin). In many cases it is more efficient than running separate daemons like spamd.

+

{{Related articles start}}

+

{{Related|ClamAV}}

+

{{Related|Postfix}}

+

{{Related|Dovecot}}

+

{{Related articles end}}

−

==Install & Setup==

+

From [http://www.ijs.si/software/amavisd/ Amavis's site]:

+

:''amavisd-new is a high-performance interface between mailer (MTA) and content checkers: virus scanners, and/or SpamAssassin. It is written in Perl for maintainability, without paying a significant price for speed. It talks to MTA via (E)SMTP or LMTP, or by using helper programs. Best with Postfix, fine with dual-sendmail setup and Exim v4, works with sendmail/milter, or with any MTA as a SMTP relay.''

−

Build {{AUR|amavisd-new}} from the AUR and install it with pacman. You'd be wise to also install optdepends such as {{Pkg|p7zip}} and {{Pkg|unrar}} so your filters can actually see inside compressed files.

+

== Installation and Setup ==

−

sudo pacman -U amavisd-new-*-any.pkg.tar.xz

+

In this setup it is assumed that you are using [[ClamAV]] as anti-virus scanner.

−

sudo pacman -Syu p7zip unrar

+

* Install {{AUR|amavisd-new}} from the [[AUR]]. You would be wise to also install optdepends such as {{Pkg|p7zip}} and {{Pkg|unrar}} so your filters can actually see inside compressed files.

+

* Install {{pkg|clamav}} from the [[official repositories]].

−

If your hostname is not a FQDN, you must set $myhostname in /etc/amavisd/amavisd.conf. You probably want to set $mydomain too. After that, you probably want to start it like this:

+

=== Basic Configuration ===

−

sudo systemctl enable amavisd

+

If your hostname is not a FQDN, you must set {{ic|$myhostname}} and {{ic|$mydomain}} accordingly in {{ic|/etc/amavisd/amavisd.conf}}.

−

sudo systemctl start amavisd

+

−

Some ways to check for errors:

+

You can enable [[ClamAV]] support by commenting out the following lines (do not forget to put the same {{ic|clamd.sock}} as in {{ic|/etc/clamav/clamd.sock}}):

+

{{bc|<nowiki>

+

# ### http://www.clamav.net/

+

['ClamAV-clamd',

+

\&ask_daemon, ["CONTSCAN {}\n", "/var/lib/clamav/clamd.sock"],

+

qr/\bOK$/m, qr/\bFOUND$/m,

+

qr/^.*?: (?!Infected Archive)(.*) FOUND$/m ],

+

# # NOTE: run clamd under the same user as amavisd - or run it under its own

+

# # uid such as clamav, add user clamav to the amavis group, and then add

+

# # AllowSupplementaryGroups to clamd.conf;

+

# # NOTE: match socket name (LocalSocket) in clamav.conf to the socket name in

+

# # this entry; when running chrooted one may prefer a socket under $MYHOME.

In this configuration we assume that postfix and Amavis are running on the same machine (i.e. {{ic|127.0.0.1}}). If that is not the case edit {{ic|/etc/amavisd/amavisd.conf}} and the prevous Postfix entry accordingly.

+

+

Postfix will listen to port {{ic|10025}} so that Amavis can send back checked emails to that port.

+

+

You also have to add another other configuration in your {{ic|smtp}} or {{ic|submission}} sections:

+

+

-o content_filter=amavisfeed:[127.0.0.1]:10024

+

+

Using this options implies that Postfix will send emails to Amavis on port {{ic|10024}}, so that these can be checked. If mail passes the control then these are sent to port {{ic|10025}}, as explained before.

+

+

We can now [[restart]] {{ic|postfix.service}} and {{ic|amavisd.service}}.

+

+

To check that Postfix is listening on port {{ic|10025}} do the same operations as the port {{ic|10024}} case.

+

+

== SpamAssassin support ==

+

+

{{Expansion|todo}}

+

+

Spamassassin is integrated in Amavis so you do not have to start {{ic|spamassassin.service}}. To enable support for Spamassassin comment the following line in {{ic|/etc/amavis/amavis.conf}} like this:

Latest revision as of 09:12, 25 July 2016

amavisd-new is a high-performance interface between mailer (MTA) and content checkers: virus scanners, and/or SpamAssassin. It is written in Perl for maintainability, without paying a significant price for speed. It talks to MTA via (E)SMTP or LMTP, or by using helper programs. Best with Postfix, fine with dual-sendmail setup and Exim v4, works with sendmail/milter, or with any MTA as a SMTP relay.

Basic Configuration

If your hostname is not a FQDN, you must set $myhostname and $mydomain accordingly in /etc/amavisd/amavisd.conf.

You can enable ClamAV support by commenting out the following lines (do not forget to put the same clamd.sock as in /etc/clamav/clamd.sock):

# ### http://www.clamav.net/
['ClamAV-clamd',
\&ask_daemon, ["CONTSCAN {}\n", "/var/lib/clamav/clamd.sock"],
qr/\bOK$/m, qr/\bFOUND$/m,
qr/^.*?: (?!Infected Archive)(.*) FOUND$/m ],
# # NOTE: run clamd under the same user as amavisd - or run it under its own
# # uid such as clamav, add user clamav to the amavis group, and then add
# # AllowSupplementaryGroups to clamd.conf;
# # NOTE: match socket name (LocalSocket) in clamav.conf to the socket name in
# # this entry; when running chrooted one may prefer a socket under $MYHOME.

In this configuration we assume that postfix and Amavis are running on the same machine (i.e. 127.0.0.1). If that is not the case edit /etc/amavisd/amavisd.conf and the prevous Postfix entry accordingly.

Postfix will listen to port 10025 so that Amavis can send back checked emails to that port.

You also have to add another other configuration in your smtp or submission sections:

-o content_filter=amavisfeed:[127.0.0.1]:10024

Using this options implies that Postfix will send emails to Amavis on port 10024, so that these can be checked. If mail passes the control then these are sent to port 10025, as explained before.